qiurui
/
qtdeclarative
mirror of https://github.com/qt/qtdeclarative.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix a crash when copying array data 

Regression from 5.5. d()->arrayData->alloc can be larger, but
never smaller than the allocation of the other's array data.

Change-Id: I7d2265768f9d6e6298bfbba0d674a4d0e642422f
Task-number: QTBUG-48727
Reviewed-by: Liang Qi <liang.qi@theqtcompany.com>
Reviewed-by: Nikita Krupenko <krnekit@gmail.com>
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
This commit is contained in:
Lars Knoll 2015-10-14 14:25:41 +02:00 committed by Liang Qi
parent 41dacccfbc
commit af390399c8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/qml/jsruntime/qv4object.cpp
View File

@ -1107,7 +1107,7 @@ void Object::copyArrayData(Object *other)
dd->len = other->d()->arrayData->len;
dd->offset = other->d()->arrayData->offset;
}
memcpy(d()->arrayData->arrayData, other->d()->arrayData->arrayData, d()->arrayData->alloc*sizeof(Value));
memcpy(d()->arrayData->arrayData, other->d()->arrayData->arrayData, other->d()->arrayData->alloc*sizeof(Value));
}
setArrayLengthUnchecked(other->getLength());
}